CT5049: Ethical Hacking & Security

CT5049: Ethical Hacking & Security

Please note this module descriptor is indicative of the structure of this course and may be subject to change.

Module Title Ethical Hacking & Security
Module Code CT5049
Module Tutor Thomas Win
School School of Computing and Engineering
CAT Points 15
Level of Study 5
Brief Description

This module aims to provide both the theoretical and practical skills in the area of ethical hacking and how this is conducted within the available frameworks in an ethical way within UK, EU, and international laws.

Indicative Syllabus

This module will allow students to study a range of subjects. The indicative topic coverage for the five areas of the module are detailed below:


  • An introduction to ethical hacking
    • Ethical hacking methodologies and frameworks;
    • The legal frameworks associated to ethical hacking;
    • The technical foundations of ethical hacking;
    • Scope and requirements;
    • Report writing and delivery.


  • The stages of an ethical hacking methodology
    • Reconnaissance and foot Printing;
    • Scanning and enumeration;
    • Gaining access and exploitation;
    • Maintaining access;
    • Clearing tracks.


  • Evaluation of network and system security
    • Evaluate the current network and system architecture;
    • Evaluate the current security architecture;
    • Identify possible vulnerabilities and weaknesses in the network and system architecture;
    • Formulate possible attack vectors against the Target of Evaluation (ToE).


  • Ethical hacking attacks and protection mechanisms
    • Network attacks;
    • System hacking;
    • Session hijacking and sniffing;
    • Web, SQL Injection and buffer overflow attacks;
    • Wireless attacks;
    • Social engineering;
    • How to protecting the network and system.


  • Standards, polices and legislation
    • Understand and be aware of the legislation in relation to ethical hacking;
    • Understand security policies and strategies;
    • The associated cyber security standards to help protect systems and networks.


In addition to the lectures, the module will include practical hands-on labs, demonstrations, exercises and group discussions to support and develop student learning, knowledge acquisition and understanding of ethical hacking.

Learning Outcomes

A student passing this module should be able to:

  1. Understand and synthesise the essential technical and non-technical components of an ethical hacking methodology;
  2. Recognise and analyse the stages an ethical hacker requires to take in order to compromise a Target of Evaluation;
  3. Detail the tools and techniques to carry out an ethical hacking methodology on a Target of Evaluation;
  4. Critically evaluate a network and system architecture to identify the vulnerabilities and attack vectors. Identify security techniques used to protect the system and data;

Demonstrate systematic understanding of the concepts of security standards, policies and legislation in relation to ethically hacking a Target of Evaluation.

Learning and Teaching Activities Scheduled Contact Hours: 36
Independent Learning Hours: 114
Assessment (For further details see the Module Guide) 001: 100% Assignment: Individual: 2500 words or equivalent
Special Assessment Requirements
Indicative Resources The current reading list can be found in the Module Guide, which your lecturer should make available via Moodle.

What are Course Maps and Module Descriptors?

Course Maps

A course map contains a list of the individual study units, called modules, that you study to complete your course. Some modules are compulsory, but you can sometimes choose modules outside your core area of study which interest you.

Module Descriptors

A module is a self-contained, individual unit of study. The module descriptor provides various details about the module including who the module tutor is, what you will be studying, how you will be assessed and what you will have learned once you have completed the module.

Course Resources Archive

Course maps and module descriptors from previous years can be found in the Course Resources Archive.